Ireland must engage in closer cooperation with EU on cybercrime
MAY 2021 HAS SEEN the biggest attack ever on a healthcare facility anywhere in the world. As the Health Service Executive continued to fight the Covid pandemic, its computer systems went down, causing thousands of appointments to be canceled.
This had profound implications for each of the affected patients and their families. It is no exaggeration to say that the health of so many people has been put at risk and we don’t know the full effect of these cancellations and delays.
When I brought up in the Seanad on November 24 the cost and implications of the attack, it was revealed that at this point it had cost at least 37.5 million euros for ICT costs alone.
In December, we also saw a cyberattack on Coombe Hospital, but that was one of the many organizations targeted here last year. A report by Grant Thornton estimated that cybercrime currently costs Ireland around € 9.6 billion per year. To put this in context, the government’s capital construction program for 2022 (the largest ever) is slightly higher, at 10 billion euros.
These attacks are likely to grow and become more common. Universities, government departments and agencies, businesses and non-governmental organizations are all targeted by these criminals and terrorists.
I am quite frustrated that we do not seem to take data protection and cybersecurity issues seriously enough, and that we do not give sufficient resources to the agencies responsible for dealing with this area.
Underestimate the risk
As we move more and more of our personal information, financial transactions, and indeed almost every aspect of our life into the digital space, we need to ensure that those charged with regulating, controlling and protect have enough teeth and support to do so.
The government has taken welcome steps to significantly increase the resources of the National Cyber Security Center: the national development plan calls for an increase in staff from 25 to 70 over a five-year period.
An Garda Síochána has taken positive steps by creating dedicated cybercrime teams. But as we have seen with the Data Protection Commissioner, we underestimate the scale of the challenges we face.
Many of the battles of the future will be fought in cyberspace rather than with boots on the ground and we need to make sure Ireland is well equipped to be able to deal with any attack.
Some of the attacks will come simply from mercenary criminals.
But these attacks could easily come from state sponsored actors who might wish to disrupt some aspect of Irish society or economy to send a message or for financial gain. I don’t think it’s overstating that if Ireland took a particularly strong stance on an issue in the UN Security Council, for example, in the future there would be no effort to make an impact. on some critical infrastructure here.
In July, Australia, the European Union, the United Kingdom, the United States and others all warned Chinese involvement in cyber theft of intellectual property. Attempts by foreign governments to interfere with elections in democratic countries have also been the subject of much publicity.
Ireland alone will not be able to cope with external threats. Our foreign policy has always been based on multilateralism and on supporting global progress through cooperation and multilateral organizations. We should be rightly proud of being the only country to have taken part in all United Nations peacekeeping missions since their inception over 60 years ago.
We need to engage regionally and internationally to address the threat of cybercrime and cyberterrorism.
No news is bad news
Support the journal
Your contributions will help us continue to deliver the stories that are important to you
Support us now
The test of time
PESCO (Permanent Structured Cooperation) was created in 2017 as part of the common security and defense policy of the European Union. Its objective is to provide a “legal framework for jointly planning, developing and investing in shared capability projects, and improving the operational readiness and contribution of the armed forces”.
Member States can opt for one of the joint projects, which includes joint training for the defense forces.
It has no influence on our positions in matters of national defense or foreign policy. We remain an unaligned country and we are not a member of the North Atlantic Treaty Organization (although in the context of future discussions on a shared island this issue will be on the table and we will need to have this debate) . Deploying Irish troops on any mission requires the “triple lockdown” of UN authorization, government sanction and Dáil approval.
Ireland is a member of PESCO, but perhaps the least active in the range of joint projects in which Member States are engaged.
I am convinced that Ireland should actively participate in all joint initiatives currently undertaken or planned to develop a common European response to cyber attacks and cybersecurity breaches. We need to take the lead in cyber peacekeeping.
This is a crucial issue of national security and defense. We need to have a well-resourced national cybersecurity center, but we also need to cooperate with other democracies through the European Union and PESCO to jointly resist cyberattacks and cybercrime.
The attack on the HSE this year was a terrorist attack and we must treat it as such. We cannot be neutral when our critical infrastructure is undermined.
Malcolm Byrne is a senator from Fianna Fáil.